CONSPEC: Context-Specific Nodes
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ID: 5 | Name: J2EE Misconfiguration: Insecure Transport |
|
URL: http://cwe.mitre.org/data/definitions/5.html Information sent over a network can be compromised while in transit. An attacker may be able to read/modify the contents if the data are sent in plaintext or are weakly encrypted. |
|
| ID: 8 | Name: J2EE Misconfiguration: Unsafe Bean Declaration |
|
URL: http://cwe.mitre.org/data/definitions/8.html Entity beans should not be declared remote. |
|
| ID: 9 | Name: J2EE Misconfiguration: Weak Access Permissions |
|
URL: http://cwe.mitre.org/data/definitions/9.html If elevated access rights are assigned to EJB methods, then an attacker can take advantage of the permissions to exploit the software system. |
|
| ID: 102 | Name: Struts: Duplicate Validation Forms |
|
URL: http://cwe.mitre.org/data/definitions/102.html Multiple validation forms with the same name indicate that validation logic is not up-to-date. |
|
| ID: 103 | Name: Struts: Erroneous validate() Method |
|
URL: http://cwe.mitre.org/data/definitions/103.html The validator form either fails to define a validate() method, or defines a validate() method but fails to call super.validate(). |
|
| ID: 104 | Name: Struts: Form Bean Does Not Extend Validation Class |
|
URL: http://cwe.mitre.org/data/definitions/104.html All Struts forms should extend a Validator class. |
|
| ID: 105 | Name: Struts: Form Field Without Validator |
|
URL: http://cwe.mitre.org/data/definitions/105.html Every field in a form should be validated in the corresponding validation form. |
|
| ID: 106 | Name: Struts: Plug-in Framework Not In Use |
|
URL: http://cwe.mitre.org/data/definitions/106.html Use the Struts Validator to prevent vulnerabilities that result from unchecked input. |
|
| ID: 107 | Name: Struts: Unused Validation Form |
|
URL: http://cwe.mitre.org/data/definitions/107.html An unused validation form indicates that validation logic is not up-to-date. |
|
| ID: 109 | Name: Struts: Validator Turned Off |
|
URL: http://cwe.mitre.org/data/definitions/109.html Automatic filtering via a Struts bean has been turned off. |
|
| ID: 111 | Name: Unsafe JNI |
|
URL: http://cwe.mitre.org/data/definitions/111.html Improper use of the Java Native Interface (JNI) can render Java applications vulnerable to security bugs in other languages. This results in dynamic loading of pre-compiled native code into the runtime environment. |
|
| ID: 114 | Name: Process Control |
|
URL: http://cwe.mitre.org/data/definitions/114.html Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker. |
|
| ID: 128 | Name: Wrap-around error |
|
URL: http://cwe.mitre.org/data/definitions/128.html Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value. |
|
| ID: 201 | Name: Information Leak Through Sent Data |
|
URL: http://cwe.mitre.org/data/definitions/201.html The accidental leaking of sensitive information through sent data refers to the transmission of data which are either sensitive in and of itself or useful in the further exploitation of the system through standard data channels. |
|
| ID: 213 | Name: Intended Information Leak |
|
URL: http://cwe.mitre.org/data/definitions/213.html A product's design or configuration explicitly requires the publication of information that is sensitive. |
|
| ID: 215 | Name: Information Leak Through Debug Information |
|
URL: http://cwe.mitre.org/data/definitions/215.html |
|
| ID: 467 | Name: Use of sizeof() on a pointer type |
|
URL: http://cwe.mitre.org/data/definitions/467.html Running sizeof() on a malloced pointer type will always return the wordsize/8. |
|
| ID: 473 | Name: PHP External Variable Modification |
|
URL: http://cwe.mitre.org/data/definitions/473.html A PHP product does not properly protect against the modification of variables from external sources. Note: this is a tech-specific instance of MAID. |
|
| ID: 480 | Name: Using the wrong operator |
|
URL: http://cwe.mitre.org/data/definitions/480.html This is a common error given when an operator is used which does not make sense for the context appears. |
|
| ID: 481 | Name: Assigning instead of comparing |
|
URL: http://cwe.mitre.org/data/definitions/481.html In many languages the compare statement is very close in appearance to the assignment statement and are often confused. |
|
| ID: 482 | Name: Comparing instead of assigning |
|
URL: http://cwe.mitre.org/data/definitions/482.html In many languages, the compare statement is very close in appearance to the assignment statement; they are often confused. |
|
| ID: 484 | Name: Omitted break statement |
|
URL: http://cwe.mitre.org/data/definitions/484.html Omitting a break statement so that one may fall through is often indistinguishable from an error, and therefore should not be used. |
|
| ID: 491 | Name: Mobile Code: Object Hijack |
|
URL: http://cwe.mitre.org/data/definitions/491.html Attackers can use Cloneable objects to create new instances of an object without calling its constructor. |
|
| ID: 560 | Name: Often Misused: umask |
|
URL: http://cwe.mitre.org/data/definitions/560.html The mask specified by the argument umask() is often confused with the argument to chmod() |
|
| ID: 562 | Name: Stack Address Returned |
|
URL: http://cwe.mitre.org/data/definitions/562.html Returning the address of a stack variable will cause unintended program behavior, typically in the form of a crash. |
|
| ID: 565 | Name: Use of Cookies |
|
URL: http://cwe.mitre.org/data/definitions/565.html Attackers can easily modify cookies, and reliance without detailed validation can lead to problems like SQL injection and other errors. |
|
| ID: 568 | Name: Erroneous Finalize Method |
|
URL: http://cwe.mitre.org/data/definitions/568.html The software contains a finalize() method that does not call super.finalize(). |
|
| ID: 570 | Name: Expression is Always False |
|
URL: http://cwe.mitre.org/data/definitions/570.html The software contains an expression that will always evaluate to false. |
|
| ID: 571 | Name: Expression is Always True |
|
URL: http://cwe.mitre.org/data/definitions/571.html The software contains an expression that will always evaluate to true. |
|
| ID: 574 | Name: EJB Bad Practices: Use of Synchronization Primitives |
|
URL: http://cwe.mitre.org/data/definitions/574.html The program violates the Enterprise JavaBeans specification by using thread synchronization primitives. |
|
| ID: 575 | Name: EJB Bad Practices: Use of AWT Swing |
|
URL: http://cwe.mitre.org/data/definitions/575.html The program violates the Enterprise JavaBeans specification by using AWT/Swing. |
|
| ID: 576 | Name: EJB Bad Practices: Use of JAVA I/O |
|
URL: http://cwe.mitre.org/data/definitions/576.html The program violates the Enterprise JavaBeans specification by using the java.io package. |
|
| ID: 577 | Name: EJB Bad Practices: Use of Sockets |
|
URL: http://cwe.mitre.org/data/definitions/577.html The program violates the Enterprise JavaBeans specification by using sockets. |
|
| ID: 578 | Name: EJB Bad Practices: Use of Class Loader |
|
URL: http://cwe.mitre.org/data/definitions/578.html The program violates the Enterprise JavaBeans specification by using the class loader. |
|
| ID: 580 | Name: Erroneous Clone Method |
|
URL: http://cwe.mitre.org/data/definitions/580.html The software contains a clone() method that fails to call super.clone() to obtain the new object. |
|
| ID: 581 | Name: Object Model Violation: Just One of Equals and Haschode Defined |
|
URL: http://cwe.mitre.org/data/definitions/581.html Software fails to maintain equal hashcodes for equal objects. |
|
| ID: 582 | Name: Mobile Code: Unsafe Array Declaration |
|
URL: http://cwe.mitre.org/data/definitions/582.html The program violates secure coding principles for mobile code by declaring an array public, final and static. |
|
| ID: 583 | Name: Mobile Code: Public Finalize Method |
|
URL: http://cwe.mitre.org/data/definitions/583.html The program violates secure coding principles for mobile code by declaring a finalize() method public. |
|
| ID: 584 | Name: Return Inside Finally Block |
|
URL: http://cwe.mitre.org/data/definitions/584.html A return statement inside a finally block will cause any exception that might be thrown in the try block to be discarded. |
|
| ID: 586 | Name: Explicit Call to Finalize |
|
URL: http://cwe.mitre.org/data/definitions/586.html The software makes an explicit call to the finalize() method from outside the finalizer. |
|
| ID: 587 | Name: Assignment of a Fixed Address to a Pointer |
|
URL: http://cwe.mitre.org/data/definitions/587.html If a pointer is set to a specific address, other than 0(Which is almost always NULL), that address will probably not be valid. |
|
| ID: 588 | Name: Attempt to Access Child of a Non-structure Pointer |
|
URL: http://cwe.mitre.org/data/definitions/588.html Casting a non-stucture type to a structure type and accessing a field can lead to memory access errors or data corruption. |
|
| ID: 589 | Name: Call to Limited API |
|
URL: http://cwe.mitre.org/data/definitions/589.html An API function that does not exist on all versions of the target platform was identified. Some functions that offer security features supported by the OS are not available on all versions of the OS in common use. Likewise, functions are often deprecated or made obsolete for security reasons and should not be used. |
|
| ID: 595 | Name: Incorrect Object Comparison: Syntactic |
|
URL: http://cwe.mitre.org/data/definitions/595.html Object references are compared rather than objects themselves |
|
| ID: 597 | Name: Erroneous String Compare |
|
URL: http://cwe.mitre.org/data/definitions/597.html Strings should be compared with the equals() method, not == or != |
|
| ID: 598 | Name: Information Leak Through GET Request |
|
URL: http://cwe.mitre.org/data/definitions/598.html An area of the web application that possibly contains sensitive information or access to privileged functionality such as remote site administration functionality utilizes query strings to pass information between pages. Information in query strings is directly visible to the end user via the browser interface, which can cause security issues. |
|
